Payment machines possibly infected at nationwide Teavana chain

Law enforcement and financial community sources suspect a credit and debit card breach at tea products retailer Teavana exposed customer card information.

“A source at a major U.S. credit card issuer confirmed that the card brand has seen fraud rates indicative of a breach emanating from virtually the entire Teavana franchise, which spans more than 280 stores nationwide.”

Also, a federal law enforcement official said agents were investigating a possible breach at Teavana.

“Seattle-based coffee giant Starbucks, which acquired Teavana late last year, declined to confirm a breach at Teavana, saying only that the company is currently responding to inquiries from card-issuing banks and credit card brands.”

A different big debit and credit card issuer said it became aware of a problem in early March 2013, after witnessing a spike in fraudulent charges via counterfeit cards that were being used to buy high-dollar gift cards at Target retail locations.

“Nearly all of the counterfeit cards had previously been used at Teavana locations across the country, many as far back as late 2012.”

The thieves’ ability to clone cards means they very likely installed “malicious software that extracts data stored on the card’s magnetic stripe — most likely from point-of-sale devices when customers swipe their cards at the register.”